Re: Cannot join to domain over VPN

In news:FEF10069-EE57-4876-AAEF-60E38D806AB4@xxxxxxxxxxxxx,
maverick <maverick@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Hi All,

I have 2 Sites which are connected by VPN.I tried to install a DC at
site2, and this machie which needs to point its DNS to the DC in
Site1 is correct and pings and resolves fine.When I try to join this
machine to the domain, it doesnt do it and comes up with 'Semaphore
timeout'.
I had a word with the network guy who confimred that all ports are
wide open, so shouldnt be a port/firewall
problem(clean portquery)..Changing MTU size and stuff also proved
futile.What do i do to get this to work?
Can somebody shed some light please?

Thanks
Maverick

As far as the 'semaphore' error, that tells me it's a port being blocked.

What type of VPN is connecting the offices? Is it a site to site using Cisco
PIX and L2TP? Whatever the brand name, are the routes set for both routers
on each end (built-in if the PIX are the devices) that have the other
office's subnet in it's routing table? Herb suggested pinging, nslookup,
etc. Can you post their results, as well as the ipconfig /all as he
requested?

A word about MTU size: it MUST be 1500. If this is over an ADSL line, it may
cause issues. LDAP, RPC and Kerberos fail with MTUs less than 1500. I can't
find the article explaining it, but have found altered MTUs causing
problems.

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

Having difficulty reading or finding responses to your post?
Instead of the website you're using, try using OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. Anonymous access. It's free - no username or password
required nor do you need a Newsgroup Usenet account with your ISP. It
connects directly to the Microsoft Public Newsgroups. OEx allows you
o easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject. It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

"Quitting smoking is easy. I've done it a thousand times." - Mark Twain



.

Relevant Pages

  • Re: Windows Update
    ... I changed the MTU size to 1470 in the regsitry as this worked, ... ping command now works with a MTU of 1440. ... Click Services tab and select Hide All Microsoft Services and Disable ... size of a PPPoE connection to a value of between 1,400 and 1,480 ...
    (microsoft.public.windows.server.sbs)
  • Re: samba authentication problems
    ... I can now do 'smbpasswd' without an error. ... Error connecting to 192.18.1.102 ... dc0: flags=8843mtu 1500 ... >>Do you Yahoo!? ...
    (freebsd-questions)
  • Re: VERY DISSAPOINTED IN MS - [Error number: 0x80072EE2]
    ... support group availabe to help those with microsoft update ... > When searching for available updates on the Windows Update site, ... someone mentioned an MTU seating on a router. ... > solution to a very frustrating problem. ...
    (microsoft.public.windowsupdate)
  • Re: Cannot open all websites.
    ... I am using a Bluetooth dongle in my Laptop to access internet by connecting ... Therefore I tried to lower down my MTU size to 1452, ...
    (microsoft.public.windowsxp.network_web)
  • Re: Setting MTU for GPRS connection on PocketPC 2002.
    ... You'll need to add the keyword, it is MTU you'll add this to ... feelings of Microsoft or any of its employees. ... I am not an employee of Microsoft. ...
    (microsoft.public.pocketpc.wireless)